search

PaloAltoNetworks / SafeNetworking

Read only mirror. To contribute or submit issues, please go to the website link --->
https://gitlab.com/panw-gse/as/SafeNetworking/
Apache License 2.0
12 stars 10 forks source link

Upgrade of flask to 0.12.3 for CVE fix creates json encoder error #84

Closed punisherVX closed 5 years ago

punisherVX commented 5 years ago

After upgrading Flask to 0.12.3 as per Github recommendation:

Moderate severity The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask t...

requirements.txt update suggested:

flask ~> 0.12.3

Doing the above totally horks the system and we get the below error.

AttributeError: 'Blueprint' object has no attribute 'json_encoder'

This is fixed in Flask 0.12.4 (theoretically)

zube[bot] commented 5 years ago

sdndude said: This is fixed in e766690